The following Fedora 16 Security updates need testing:
https://admin.fedoraproject.org/updates/FEDORA-2012-10314/revelation-0.4.14-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10871/perl-DBD-Pg-2.19.2-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10887/nsd-3.2.12-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10897/puppet-2.6.17-2.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10590/raptor-1.4.21-12.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10402/bcfg2-1.2.3-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10727/ganglia-3.1.7-5.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10411/kdepim-4.8.4-4.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10819/exif-0.6.21-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10829/seamonkey-2.11-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10822/thunderbird-lightning-1.6-1.fc16,thunderbird-14.0-1.fc16,xulrunner-14.0.1-3.fc16,firefox-14.0.1-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-6614/gdb-7.3.50.20110722-16.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-7593/tomcat6-6.0.35-1.fc16
The following Fedora 16 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/FEDORA-2012-10882/dbus-glib-0.98-2.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10804/sed-4.2.1-9.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10822/thunderbird-lightning-1.6-1.fc16,thunderbird-14.0-1.fc16,xulrunner-14.0.1-3.fc16,firefox-14.0.1-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10764/kernel-3.4.5-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10721/libjpeg-turbo-1.2.1-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10704/kdelibs-4.8.4-8.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10617/phonon-backend-gstreamer-4.6.1-1.fc16
https://admin.fedoraproject.org/updates/libexif-0.6.21-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10602/nspr-4.9.1-2.fc16,nss-util-3.13.5-1.fc16,nss-softokn-3.13.5-1.fc16,nss-3.13.5-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10574/tar-1.26-4.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10538/bash-4.2.36-1.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10523/qt-4.8.2-4.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-10411/kdepim-4.8.4-4.fc16
https://admin.fedoraproject.org/updates/FEDORA-2012-6994/upower-0.9.16-1.fc16
The following builds have been pushed to Fedora 16 updates-testing
389-ds-base-1.2.10.14-1.fc16
BibTool-2.55-1.fc16
cmake-fedora-1.0.0-1.fc16
dbus-glib-0.98-2.fc16
gnusim8085-1.3.7-3.fc16
gridsite-1.7.21-2.fc16
hyena-0.5-3.fc16
mock-1.1.23-1.fc16
nsd-3.2.12-1.fc16
perl-DBD-Pg-2.19.2-1.fc16
perl-Rose-Object-0.859-5.fc16
php-symfony2-Form-2.0.16-1.fc16
php-symfony2-Security-2.0.16-1.fc16
poppler-sharp-0.0.3-2.fc16
puppet-2.6.17-2.fc16
qemu-0.15.1-6.fc16
qgis-1.8.0-6.fc16
rubygem-qpid-0.16.0-12.fc16.1
subscription-manager-1.0.7-1.fc16
wine-1.5.9-1.fc16
Details about builds:
================================================================================
389-ds-base-1.2.10.14-1.fc16 (FEDORA-2012-10875)
389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:
Ticket #410 - Referential integrity plug-in does not work when update interval is not zero
issues with modrdn with attribute uniqueness and referential integrity
Trac Ticket 396 - Account Usability Control Not Working
do not reveal unhashed user password
Ticket #390 - [abrt] 389-ds-base-1.2.10.6-1.fc16: slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
some repl and some crashing issues
fix ldclt crash in previous fix
a couple of crashes
Ticket #348 - crash in ldap_initialize with multiple threads
Ticket #347 - IPA dirsvr seg-fault during system longevity test
crash bug with multiple transactions and range searches
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.14-1
- Ticket #410 - Referential integrity plug-in does not work when update interval is not zero
* Mon Jul 16 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.13-1
- Ticket #406 - Impossible to rename entry (modrdn) with Attribute Uniqueness plugin enabled
- Ticket #405 - referint modrdn not working if case is different
* Wed Jun 27 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.12-1
- Ticket 378 - unhashed#user#password visible after changing password
- fix typo in previous patch
- Trac Ticket 396 - Account Usability Control Not Working
* Thu Jun 21 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.11-1
- Ticket #378 - audit log does not log unhashed password: enabled, by default.
- Ticket #378 - unhashed#user#password visible after changing password
- Ticket #365 - passwords in clear text in the audit log
* Mon Jun 18 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.10-1
- Ticket #390 - [abrt] 389-ds-base-1.2.10.6-1.fc16: slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
* Thu May 24 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.9-1
- Ticket #382 - DS Shuts down intermittently
- Trac Ticket #359 - Database RUV could mismatch the one in changelog under the stress
- Bug #361: Bad DNs in ACIs can segfault ns-slapd
- Trac Ticket #338 - letters in object's cn get converted to lowercase when renaming object
* Thu May 3 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.8-1
- Ticket #348 - crash in ldap_initialize with multiple threads
- previous fix would crash in ldclt - this fixes that crash
* Mon Apr 30 2012 Rich Megginson <rmeggins@xxxxxxxxxx> - 1.2.10.7-1
- Ticket #348 - crash in ldap_initialize with multiple threads
- Ticket #347 - IPA dirsvr seg-fault during system longevity test
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #832506 - [abrt] 389-ds-base-1.2.10.6-1.fc16: slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=832506
--------------------------------------------------------------------------------
================================================================================
BibTool-2.55-1.fc16 (FEDORA-2012-10894)
A Tool for manipulating BibTeX data bases
--------------------------------------------------------------------------------
Update Information:
rebase to upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> 2.55-1
- rebase to BibTool 2.55
- dump patch1
- fix configure droppings in makefile (botched kpathsea detection)
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.53-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Thu Jan 12 2012 Michael J Gruber <mjg@xxxxxxxxxxxxxxxxx> 2.53-1
- rebase to BibTool 2.53
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.51-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cmake-fedora-1.0.0-1.fc16 (FEDORA-2012-10886)
CMake helper modules for fedora developers
--------------------------------------------------------------------------------
Update Information:
- Greatly simplified the modules design and usage.
- Release version are now defined in cmake-fedora.conf
for easy maintenance.
- Fix the MANAGE_MESSAGE_LEVEL
- koji scratch builds are run only once before tagging.
- CVS support is removed.
- New command: koji-build-scratch for scratch build on all supported
releases.
- New module: ManageTarget
- New function: SETTING_STRING_GET_VARIABLE
- New macro: ADD_CUSTOM_TARGET_COMMAND
- Macros changed behavior:
MANAGE_ZANATA: Arguments are changed.
- Target changed: changelog_update are now separate as:
+ changelog_prev_update: Update ChangeLog.prev
+ rpm_changelog_prev_update: Update RPM-ChangeLog.prev
- Command renamed:
+ cmake-fedora-newprj.sh to cmake-fedora-newprj
- Module renamed:
+ ManageReleaseOnFedora to ManageReleaseFedora
+ ManageMaintainerTargets to ManageUpload
+ PackSource to ManageArchive
+ PackRPM to ManageRPM
+ UseGConf to ManageGConf
+ UseDoxygen to ManageAPIDoc
- Function renamed:
+ LOAD_RELEASE_FILE to RELEASE_NOTES_READ_FILE
- Macro renamed:
+ PACK_SOURCE to PACK_SOURCE_ARCHIVE
+ USE_MOCK to RPM_MOCK_BUILD
+ USE_DOXYGEN to MANAGE_APIDOC_DOXYGEN
+ USE_GETTEXT to MANAGE_GETTEXT
+ USE_ZANATA to MANAGE_ZANATA
- Variable renamed: PACK_SOURCE_IGNORE_FILES to SOURCE_ARCHIVE_IGNORE_FILES
- RELEASE_ON_FEDORA: support new tags: "fedora" for current fedora,
and "epel" for current epel.
- ChangeLog generation rewritten, target version_check no longer need.
- Removed target: version_check
- Variable Removed:
FEDORA_NEXT_RELEASE
FEDORA_NEXT_RELEASE_TAGS
FEDORA_LATEST_RELEASE
FEDORA_PREVIOUS_RELEASE
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2012 Ding-Yi Chen <dchen at redhat.com> - 1.0.0-1
- Greatly simplified the modules design and usage.
- Release version are now defined in cmake-fedora.conf
for easy maintenance.
- Fix the MANAGE_MESSAGE_LEVEL
- koji scratch builds are run only once before tagging.
- CVS support is removed.
- New command: koji-build-scratch for scratch build on all supported
releases.
- New module: ManageTarget
- New function: SETTING_STRING_GET_VARIABLE
- New macro: ADD_CUSTOM_TARGET_COMMAND
- Macros changed behavior:
MANAGE_ZANATA: Arguments are changed.
- Target changed: changelog_update are now separate as:
+ changelog_prev_update: Update ChangeLog.prev
+ rpm_changelog_prev_update: Update RPM-ChangeLog.prev
- Command renamed:
+ cmake-fedora-newprj.sh to cmake-fedora-newprj
- Module renamed:
+ ManageReleaseOnFedora to ManageReleaseFedora
+ ManageMaintainerTargets to ManageUpload
+ PackSource to ManageArchive
+ PackRPM to ManageRPM
+ UseGConf to ManageGConf
+ UseDoxygen to ManageAPIDoc
- Function renamed:
+ LOAD_RELEASE_FILE to RELEASE_NOTES_READ_FILE
- Macro renamed:
+ PACK_SOURCE to PACK_SOURCE_ARCHIVE
+ USE_MOCK to RPM_MOCK_BUILD
+ USE_DOXYGEN to MANAGE_APIDOC_DOXYGEN
+ USE_GETTEXT to MANAGE_GETTEXT
+ USE_ZANATA to MANAGE_ZANATA
- Variable renamed: PACK_SOURCE_IGNORE_FILES to SOURCE_ARCHIVE_IGNORE_FILES
- RELEASE_ON_FEDORA: support new tags: "fedora" for current fedora,
and "epel" for current epel.
- ChangeLog generation rewritten, target version_check no longer need.
- Removed target: version_check
- Variable Removed:
FEDORA_NEXT_RELEASE
FEDORA_NEXT_RELEASE_TAGS
FEDORA_LATEST_RELEASE
FEDORA_PREVIOUS_RELEASE
--------------------------------------------------------------------------------
================================================================================
dbus-glib-0.98-2.fc16 (FEDORA-2012-10882)
GLib bindings for D-Bus
--------------------------------------------------------------------------------
Update Information:
Should fix fallback mode networking.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2012 Colin Walters <walters@xxxxxxxxxx> - 0.98-2
- Bump release to override deleted build
- Should fix https://bugzilla.redhat.com/show_bug.cgi?id=766198
* Wed Oct 5 2011 Colin Walters <walters@xxxxxxxxxx> - 0.98-1
- Update to 0.98
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #817851 - [abrt] NetworkManager-gnome-0.9.4-3.git20120403.fc16: Process /usr/bin/nm-applet was killed by signal 5 (SIGTRAP)
https://bugzilla.redhat.com/show_bug.cgi?id=817851
--------------------------------------------------------------------------------
================================================================================
gnusim8085-1.3.7-3.fc16 (FEDORA-2012-10868)
Graphical simulator for 8085 assembly language
--------------------------------------------------------------------------------
Update Information:
Fixing the old bugs (sig 11 and FTBFS), and un-deprecating this package after review.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2012 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.3.7-3
- Fixed comments from review
* Wed Jul 18 2012 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.3.7-2
- Revised for the review again, taken most of the patch of Michael Schwendt
* Wed Jul 18 2012 Patrick Uiterwijk <puiterwijk@xxxxxxxxx> - 1.3.7-1
- Rebased to 1.3.7 upstream
- Revised for re-reviewing after deprecation from previous maintainer
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.3.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #841335 - Review Request: gnusim8085 - Graphical simulator for 8085 assembly language
https://bugzilla.redhat.com/show_bug.cgi?id=841335
--------------------------------------------------------------------------------
================================================================================
gridsite-1.7.21-2.fc16 (FEDORA-2012-10885)
Grid Security for the Web, Web platforms for Grids
--------------------------------------------------------------------------------
Update Information:
- Update for new upstream release - 1.7.21
- Added compatibility with the EMI project packaging (exposing EMI package names, added missing tools)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 16 2012 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 1.7.21-2
- Rebuild with proper tarballs
* Mon Jul 16 2012 Ricardo Rocha <ricardo.rocha@xxxxxxx> - 1.7.21-1
- Upstream to 1.7.21, compliance with EMI project gridsite packaging
- Removed unused patches
* Mon Apr 16 2012 steve.traylen@xxxxxxx - 1.7.20-1
- Upstream to 1.7.20, Add gridsite-httpd24.patch
--------------------------------------------------------------------------------
================================================================================
hyena-0.5-3.fc16 (FEDORA-2012-10899)
A library of GUI and non-GUI C sharp code
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
================================================================================
mock-1.1.23-1.fc16 (FEDORA-2012-10872)
Builds packages inside chroots
--------------------------------------------------------------------------------
Update Information:
Added mockchain which takes a mock config and a series of srpms, rebuilds the srpms one by one, adding each resulting rpm to a local repository so that they are available as build deps to the next package being built
Remove EPEL-4 configs
fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217]
fix baseurl (remove dist-) for f17 configs [BZ# 795409]
fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449]
allow chroot group to be configurable [BZ# 719099]
Remove EPEL-4 configs
fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217]
fix baseurl (remove dist-) for f17 configs [BZ# 795409]
fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449]
allow chroot group to be configurable [BZ# 719099]
Remove EPEL-4 configs
fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217]
fix baseurl (remove dist-) for f17 configs [BZ# 795409]
fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449]
allow chroot group to be configurable [BZ# 719099]
Remove EPEL-4 configs
fix problem in scm.py with SSH_AUTH_SOCK [BZ# 803217]
fix baseurl (remove dist-) for f17 configs [BZ# 795409]
fix incorrect setting of gid in UidManager.changeOwner() [BZ# 782449]
allow chroot group to be configurable [BZ# 719099]
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 7 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.23-1
- modified startup code to only set mock group [BZ# 809676]
- add CLONE_NEWUTS to unshare(2) call [BZ# 818445]
- from Seth Vidal <skvidal at fedoraproject.org>:
- add mockchain to mock [BZ# 812477]
- from Marko Myllynen <myllynen@xxxxxxxxxx>:
- fix write_tar check in scm.py [BZ# 828677]
- from Masatake YAMATO <yamato@xxxxxxxxxx>:
- added option to set a plugin parameter value [BZ# 754321]
* Thu Mar 29 2012 Clark Williams <williams@xxxxxxxxxx> - 1.1.22-1
- fix SCM problem with SSH_AUTH_SOCK [BZ# 803217]
- From Chris St Pierre <chris.a.st.pierre@xxxxxxxxx>:
- allow chroot group to be configure option
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #809676 - Mock and FreeIPA group detection issues.
https://bugzilla.redhat.com/show_bug.cgi?id=809676
--------------------------------------------------------------------------------
================================================================================
nsd-3.2.12-1.fc16 (FEDORA-2012-10887)
Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2012-2978: NSD denial of service vulnerability from non-standard DNS packet from any host
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2012 Paul Wouters <pwouters@xxxxxxxxxx> - 3.2.12-1
- Upgraded to 3.2.12 which fixes CVE-2012-2978 (rhbz#841268)
* Mon Jul 16 2012 Paul Wouters <pwouters@xxxxxxxxxx> - 3.2.11-1
- Updated to 3.2.11
- Remove execute perm from unitdir file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #841268 - CVE-2012-2978: nsd: NSD denial of service vulnerability from non-standard DNS packet from any host on the internet.
https://bugzilla.redhat.com/show_bug.cgi?id=841268
--------------------------------------------------------------------------------
================================================================================
perl-DBD-Pg-2.19.2-1.fc16 (FEDORA-2012-10871)
A PostgreSQL interface for perl
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version, fixed the security bug CVE-2012-1151
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2012 Jitka Plesnikova <jplesnik@xxxxxxxxxx> - 2.19.2-1
- bump to 2.19.2
- Fixed #841133
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #841133 - CVE-2012-1151 perl-DBD-Pg: Format string flaws by turning db notices into Perl warnings and by preparing DBD statement [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=841133
--------------------------------------------------------------------------------
================================================================================
perl-Rose-Object-0.859-5.fc16 (FEDORA-2012-10888)
Simple object base class
--------------------------------------------------------------------------------
Update Information:
Simple object base class
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #839742 - Review Request: perl-Rose-Object - Simple object base class
https://bugzilla.redhat.com/show_bug.cgi?id=839742
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Form-2.0.16-1.fc16 (FEDORA-2012-10866)
Symfony2 Form Component
--------------------------------------------------------------------------------
Update Information:
Update to version 2.0.16
Bugs fixed:
* Errors not to be added onto non-synchronized forms
* Changed getName() to name on all Reflection* object calls (fixes #4555, refs https://bugs.php.net/bug.php?id=61384)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.16-1
- Updated to upstream version 2.0.16
- Removed changed PEAR role of
Symfony/Component/Form/Resources/config/validation.xml (fixed upstream)
- Minor syntax updates
--------------------------------------------------------------------------------
================================================================================
php-symfony2-Security-2.0.16-1.fc16 (FEDORA-2012-10895)
Symfony2 Security Component
--------------------------------------------------------------------------------
Update Information:
Update to version 2.0.16
Bugs fixed:
* Allow "0" as a password
* Only redirect to urls called with http method GET
* Changed getName() to name on all Reflection* object calls (fixes #4555, refs https://bugs.php.net/bug.php?id=61384)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Shawn Iwinski <shawn.iwinski@xxxxxxxxx> 2.0.16-1
- Updated to upstream version 2.0.16
- Removed changed PEAR role of *.sql files from doc to php (fixed upstream)
- Minor syntax updates
--------------------------------------------------------------------------------
================================================================================
poppler-sharp-0.0.3-2.fc16 (FEDORA-2012-10862)
C sharp Bindings for Poppler
--------------------------------------------------------------------------------
Update Information:
new package
--------------------------------------------------------------------------------
================================================================================
puppet-2.6.17-2.fc16 (FEDORA-2012-10897)
A network tool for managing many disparate systems
--------------------------------------------------------------------------------
Update Information:
This is an upstream security release. It addresses a number of issues found in puppet-2.6.x. The Red Hat security team has rated this update as having low security impact.
Refer to the upstream release notes and bugzilla entries for further details.
http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.17
NetworkManager compatibility should be improved in this release, thanks to Orion Poplawski (any bugs in implementing Orion's suggested dispatcher script are my own).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2012 Todd Zullinger <tmz@xxxxxxxxx> - 2.6.17-2
- Corrected CVE list, 2.6 is not affected by CVE-2012-3866
* Wed Jul 11 2012 Todd Zullinger <tmz@xxxxxxxxx> - 2.6.17-1
- Update to 2.6.17, fixes CVE-2012-3864, CVE-2012-3865, CVE-2012-3867
- Improve NetworkManager compatibility, thanks to Orion Poplawski (#532085)
- Preserve timestamps when installing files
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #839130 - CVE-2012-3864 puppet: authenticated clients allowed to read arbitrary files from the puppet master
https://bugzilla.redhat.com/show_bug.cgi?id=839130
[ 2 ] Bug #839131 - CVE-2012-3865 puppet: authenticated clients allowed to delete arbitrary files on the puppet master
https://bugzilla.redhat.com/show_bug.cgi?id=839131
[ 3 ] Bug #839158 - CVE-2012-3867 puppet: insufficient validation of agent names in CN of SSL certificate requests
https://bugzilla.redhat.com/show_bug.cgi?id=839158
--------------------------------------------------------------------------------
================================================================================
qemu-0.15.1-6.fc16 (FEDORA-2012-10881)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* Fix fedora guest hang with virtio console (bz 837925)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Cole Robinson <crobinso@xxxxxxxxxx> - 0.15.1-6
- Fix fedora guest hang with virtio console (bz 837925)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #837925 - Fedora 16 and 17 guests hang during boot
https://bugzilla.redhat.com/show_bug.cgi?id=837925
--------------------------------------------------------------------------------
================================================================================
qgis-1.8.0-6.fc16 (FEDORA-2012-10865)
A user friendly Open Source Geographic Information System
--------------------------------------------------------------------------------
Update Information:
Solve QGIS bug #5809:
QGIS crashes when a datasource is removed or deleted.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-6
- Add patch for QGIS bug #5809
* Sat Jul 7 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-5
- Rebuilt too quick
* Sat Jul 7 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-4
- One more rebuild, due to a broken GDAL
* Fri Jul 6 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-3
- Rebuild for Spatialite 3
* Wed Jul 4 2012 Volker Fröhlich <volker27@xxxxxx> - 1.8.0-2
- Correct locale if clause
- Apply patch for older versions of SIP
--------------------------------------------------------------------------------
================================================================================
rubygem-qpid-0.16.0-12.fc16.1 (FEDORA-2012-10901)
Ruby bindings for the Qpid messaging framework
--------------------------------------------------------------------------------
Update Information:
Fixes the location of cqpid.so so the Ruby VM can find it.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.16.0-12.1
- Fixed the library directory name.
* Thu May 10 2012 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.16.0-12
- Removed Boost licensing text from LICENSE.
- Resolves: rhbz#817639/QPID-3992
--------------------------------------------------------------------------------
================================================================================
subscription-manager-1.0.7-1.fc16 (FEDORA-2012-10905)
Tools and libraries for subscription and repository management
--------------------------------------------------------------------------------
Update Information:
Revamped choose sever screen, rhsmcertd continues to run when not registered, added button to test proxy connection, added support for systemd, many translations fixes, auto-updating of identity certificates, added unset release command.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jun 28 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.7-1
- Revamp choose server screen. (dgoodwin@xxxxxxxxxx)
* Thu Jun 28 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.6-1
- rhsmcertd no longer exits when not registered. (mstead@xxxxxxxxxx)
- po file cleanups (alikins@xxxxxxxxxx)
- latest strings from zanata (alikins@xxxxxxxxxx)
- Free config resources in one place (mstead@xxxxxxxxxx)
- rhsmcertd: free GKeyFile when done (jbowes@xxxxxxxxxx)
- rhsmcertd: remove studlyCaps (jbowes@xxxxxxxxxx)
- "make stylish" should failed on "swapped" in glade files (alikins@xxxxxxxxxx)
- Remove 'swapped=on' from glade signal markup. (alikins@xxxxxxxxxx)
- add 'fix-glade-swapped' target to de-'swapped' glade files
(alikins@xxxxxxxxxx)
- make stylish fixups (alikins@xxxxxxxxxx)
- Fix at-spi label for "offline_radio" widget (alikins@xxxxxxxxxx)
- shorter messages for cases where registered to RHN Classic
(alikins@xxxxxxxxxx)
- Tighten up the gettext_lint regex (alikins@xxxxxxxxxx)
- Fix string that was breaking xgettext (alikins@xxxxxxxxxx)
- 810998: Add a button to test a proxy connection. (awood@xxxxxxxxxx)
- new messages, and remove checking of rhn serverURL (alikins@xxxxxxxxxx)
- remove unused es.po file (bkearney@xxxxxxxxxx)
- 829486: Removed untranslated words to force a re-translation
(bkearney@xxxxxxxxxx)
- Remove unused bn.po file (bkearney@xxxxxxxxxx)
- 826856: Add check for service-level command that --org can only be used with
--list option (bkearney@xxxxxxxxxx)
- 829483: Remove english to english translation to force a re-translations
(bkearney@xxxxxxxxxx)
- Remove unused de po file (bkearney@xxxxxxxxxx)
- 819665: on 'version' display if we are registered to RHN Classic
(alikins@xxxxxxxxxx)
* Tue Jun 26 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.5-1
- 804109: Give a specific message when providing invalid credentials.
(awood@xxxxxxxxxx)
- 810360: update wording in gnome help file (cduryee@xxxxxxxxxx)
- use new bin location of files for $STYLEFILES (alikins@xxxxxxxxxx)
- add 'debuglint' for checking for leftover debugger imports
(alikins@xxxxxxxxxx)
- Update make clean target (jbowes@xxxxxxxxxx)
- Move py executables to bin/ (jbowes@xxxxxxxxxx)
- Put no results text inside the scrolled window (jbowes@xxxxxxxxxx)
- 817901: Show text when there are no subscriptions to show.
(dgoodwin@xxxxxxxxxx)
- Move initd file to etc-conf (jbowes@xxxxxxxxxx)
- Move plugins to their own src dir (jbowes@xxxxxxx)
- More test cases for utils.parse_url (alikins@xxxxxxxxxx)
- 829482: Delete unstranslated strings in order force a retranslation
(bkearney@xxxxxxxxxx)
- 811602: Fix the help output based on UXD feedback (bkearney@xxxxxxxxxx)
- 828867: Removed the extra %s string from the te translation
(bkearney@xxxxxxxxxx)
- 829479: Remove unstranslated strings to force a re-translation
(bkearney@xxxxxxxxxx)
- Delete the unused pt.po file (bkearney@xxxxxxxxxx)
- 829476: Remove untranslated strings. (bkearney@xxxxxxxxxx)
- 811553: Improve the text for auto subscribe during registration
(bkearney@xxxxxxxxxx)
- 829471: Fix the translation for usage, and remove a translation for %org id
to force a retranslation (bkearney@xxxxxxxxxx)
- Remove an outdated ta.po file (bkearney@xxxxxxxxxx)
- 828810: Remove extra %s in translation (bkearney@xxxxxxxxxx)
- Test to ensure that pool id is in the output for list --available
(wpoteat@xxxxxxxxxx)
- Close registration window even if it failed. (dgoodwin@xxxxxxxxxx)
- 825923: Subscription-manager service-level set should say "Service level set
to:" (wpoteat@xxxxxxxxxx)
- 811594: Default behavior for ReposCommand is --list (wpoteat@xxxxxxxxxx)
- 832400: service-level --unset should display proper message for unregistered
client. (wpoteat@xxxxxxxxxx)
* Tue Jun 19 2012 Alex Wood <awood@xxxxxxxxxx> 1.0.4-1
- 818978: Use systemd instead of sysv when installing on F17+ and RHEL7+.
(mstead@xxxxxxxxxx)
- 827035: update identity certificate (jmrodri@xxxxxxxxx)
- registergui: make screens without guis more generic (jbowes@xxxxxxxxxx)
- Incorrect field value removed on previous change (wpoteat@xxxxxxxxxx)
- 829812: Add an unset command for the release command (bkearney@xxxxxxxxxx)
- 823659: Update SLA text in Settings to Service Level (wpoteat@xxxxxxxxxx)
- Use a temp file for finding used widgets (jbowes@xxxxxxxxxx)
- clean up some unused import warnings (jbowes@xxxxxxxxxx)
- default to running style checks on tests (jbowes@xxxxxxxxxx)
- Make test cases stylish as well... (alikins@xxxxxxxxxx)
- Fix "make stylish" (alikins@xxxxxxxxxx)
- 829803: Added an unset command to service level. (bkearney@xxxxxxxxxx)
- Remove reference to InstalledProductsTab.product_id_text (alikins@xxxxxxxxxx)
- Add a "find-missing-widgets" target to makefile (alikins@xxxxxxxxxx)
- 830949: add accessibility locators for registration widgets
(alikins@xxxxxxxxxx)
- 824979: No message for subscription-manager release --list with no
subscriptions. (wpoteat@xxxxxxxxxx)
- Added UnRegisterCommand and UnSubscribeCommand nosetests (wpoteat@xxxxxxxxxx)
- registergui: get firstboot working with new new code (jbowes@xxxxxxx)
- registergui: Create a PreformRegisterScreen class (jbowes@xxxxxxx)
- registergui: add a post method for setting data on the parent
(jbowes@xxxxxxx)
- registergui: create a 'pre' hook for screens (jbowes@xxxxxxx)
(cduryee@xxxxxxxxxx)
- 819665: print msg if user is registered to RHN Classic on "identity" command
(cduryee@xxxxxxxxxx)
(wpoteat@xxxxxxxxxx)
- Add F17 yum repo release target. (dgoodwin@xxxxxxxxxx)
- fix make stylish (jbowes@xxxxxxxxxx)
- 810352: Disable the expansion of the system name selection in the register
dialog (bkearney@xxxxxxxxxx)
- 824530: add test case for setting proxy cli for release (alikins@xxxxxxxxxx)
- rhsm-icon codestyle cleanups (jbowes@xxxxxxx)
- 829900: Use the term 'Subscription Management Service' to refer to SAM, CFSE,
etc (root@bkearney.(none))
- 829898: Make the no service level option a bit clearer as to its meaning
(bkearney@xxxxxxxxxx)
- Improve the logging so that the user only sees the approved output by default
(bkearney@xxxxxxxxxx)
- 830193: Modify the output of the yum plugin to be consistent with RHN
(bkearney@xxxxxxxxxx)
- 824530: "release" command ignoring cli proxy options (alikins@xxxxxxxxxx)
- 828042,828068: Make ja_JP's Confirm Subscription unique for firstboot.
(mstead@xxxxxxxxxx)
- Updating strings from zanata (mstead@xxxxxxxxxx)
- 825309: Remove the archiecture field from the table. (bkearney@xxxxxxxxxx)
- 823608: Rename the software pane to product (bkearney@xxxxxxxxxx)
- 810369: Prefer the term Subscription to Entitlement (bkearney@xxxxxxxxxx)
- Add a warning comment about firstboot module titles (alikins@xxxxxxxxxx)
- Clean up an option (bkearney@xxxxxxxxxx)
- 827208: Fix the xmltag bugs in the or po file (bkearney@xxxxxxxxxx)
- 827214: Clean up the XML tags in ta po file. (bkearney@xxxxxxxxxx)
- Slight change in the path for the ta po file (bkearney@xxxxxxxxxx)
- Slight change in the path for the ta po file (bkearney@xxxxxxxxxx)
- Slight change in the path for the ml po file (bkearney@xxxxxxxxxx)
- 828583: Add some spacing at the end of the file paths in the ko.po file
(bkearney@xxxxxxxxxx)
- 828816: the %prog variable should not be translated (bkearney@xxxxxxxxxx)
- 828821: Fix the addition of a new variable in the hi po file
(bkearney@xxxxxxxxxx)
- 828903: Fix translation of options in the bn po file. (bkearney@xxxxxxxxxx)
- Fix part of the mis translated options (bkearney@xxxxxxxxxx)
- 828965: Fix a translated option which should not have been translated
(bkearney@xxxxxxxxxx)
- 828954: fix the --pool option in the translated string (bkearney@xxxxxxxxxx)
- 828958: --available should not be translated (bkearney@xxxxxxxxxx)
- Add --password as an option, not a string. This cause several strings to be
retranslated (bkearney@xxxxxxxxxx)
- 828969: Fix the options in the translated string (bkearney@xxxxxxxxxx)
- 828985: Fix the url in the translated string (bkearney@xxxxxxxxxx)
- 828989: Fix the access url (bkearney@xxxxxxxxxx)
- 818205: Release --set command should only accept values from --list.
(awood@xxxxxxxxxx)
- registergui: extract out a screen superclass (jbowes@xxxxxxx)
- registergui: get button label from screen class (jbowes@xxxxxxx)
- registergui: keep screens in a list (jbowes@xxxxxxx)
- registergui: pull out environment screen into its own class (jbowes@xxxxxxx)
- registergui: sensitivity refactor and method move (jbowes@xxxxxxx)
- registergui: extract out credentials_entered method (jbowes@xxxxxxx)
- registergui: move organization screen to its own class (jbowes@xxxxxxx)
- registergui: move credentials screen to its own class (jbowes@xxxxxxx)
- registergui: move choose server screen to its own class (jbowes@xxxxxxx)
- registergui: switch from GladeWrapper to GladeWidget (jbowes@xxxxxxx)
- registergui: Remove some unused globals (jbowes@xxxxxxx)
--------------------------------------------------------------------------------
================================================================================
wine-1.5.9-1.fc16 (FEDORA-2012-10877)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
* Support for GPOS font tables in Uniscribe.
* Support for XRandr 1.2 and 1.3.
* Parser improvements for the HLSL compiler.
* Relay tracing on ARM.
* Various bug fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 18 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.9-1
- version upgrade
- clean up cjk patch to comply with default fonts where possible
- update fedora readme to point out required font packages per cjk locale
* Thu Jul 12 2012 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
- 1.5.8-2
- bump for libgphoto2 2.5.0
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
